The latest version of the package manager pacman 7.0 has been released for Arch Linux distribution. The new release includes several important changes aimed at enhancing functionality and security.
- A new download parameter has been added to the settings, allowing users to reset privileges during file downloading operations and save uploaded files to a temporary directory owned by the specified user.
- In Linux-based systems, insulation mechanisms have been implemented to prevent processes from loading or writing to areas outside the designated directory for loading. Users can now disable the insulation mode during loading using the Disablesandbox settings and the command line option -Disable-Sandbox.
- Additional verification has been added to ensure that the database and digital signature are loaded from the same source, enhancing security measures.
- To prevent buffer overflow, the SNPRINTF function has been introduced in the code instead of Sprintf, with a set limit on the size of the resulting line.
- Users now have the option to compile in “-D_Fortify_SOURCE = 3” mode to detect potential buffer overflow when executing string functions defined in the String.h header file.
- A bug that could lead to buffer overflow when processing very long file paths in scripts has been resolved, improving overall system stability and security.
/Reports, release notes, official announcements.